stackoom
  简体   繁体   中英

Can we Identify individual user in Cognito user pool for accessing api gateway via client credential auth method?

 原文  2022-04-01 09:48:37       amazon-web-services/ aws-api-gateway/ amazon-cognito

Question

Currently we are using client credential to get an auth token from aws cognito through which a client can access our api configured in api gateway. Now we need to restrict access to some resources in api gateway for specific users. How can we achieve this in cognito without using user login or third party auth?

1 answers

solution1
 0  2022-04-01 12:10:21

Cognito token is a JWT token which can be decoded using available libraries like https://jwt.io/

The decoded output would be something like below

样本

For your use case you can put a custom authorizer on API Gateway which decodes the JWT token and based on "cognito:username" it can allow or restrict access

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to pass Cognito User Pool information to Lambda through API Gateway Cognito User Pool direct link to SIGNUP endpoint in Auth API API gateway Cognito user pool authorizer - 401 unauthorized Cognito user pool reusability How can I enable identity provider for cognito user pool via Terraform? Adding Cognito user pool groups using amplify auth update to an existing Cognito resource? Possible to authenticate an AWS Cognito user via the API? AWS Cognito Authentication USER_PASSWORD_AUTH flow not enabled for this client AWS API Gateway Authorizer - Allow Cognito UserPool auth (via headers) and public access AWS Cognito User Pool : Given an App client id, how to get its Pool Id?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM